Stop Searching. Start Trusting.

The curated directory of MCP servers, vetted for security, efficiency, and quality.

Browse DirectoryWhy Us?

Tired of the MCP "Marketplace" Chaos?

We built MCPScout.ai to solve the ecosystems biggest pain points.

No Insecure Dumps

We manually analyze every server for basic security flaws.

Easy Setup

Our gotcha notes warn you about complex setups.

Avoid "Token Hogs"

We estimate token costs for cost-effective agents.

Products, Not Demos

We filter out "Hello World" demos.

CATEGORIES:
SORT:

Vetted Servers(8554)

32
1
High Cost
FajarArrizki icon

mcp-technical-analysis

by FajarArrizki

Sec8

A comprehensive Model Context Protocol (MCP) server that bridges AI assistants with professional cryptocurrency market analysis capabilities, real-time market data, technical analysis, and Hyperliquid trading execution.

Setup Requirements

  • ⚠️Requires secure management of `AGENT_WALLET_PRIVATE_KEY` and `MAIN_WALLET_ADDRESS` environment variables for live trading (real money).
  • ⚠️Requires `MEM0_API_KEY` and `MEM0_USER_ID` environment variables for AI memory features (Mem0 is an external platform).
  • ⚠️Geographic restrictions may apply for Binance and Hyperliquid access, potentially requiring VPN or specific DNS configurations.
  • ⚠️Testnet trading is recommended for initial use as mainnet trading involves real funds and is irreversible.
Verified SafeView Analysis
The project demonstrates strong security practices for a financial trading agent, including explicit `confirmExecution: true` for mainnet trades, asset whitelisting, position size limits, and Zod schema validation for inputs. Environment variables are used for sensitive keys like `AGENT_WALLET_PRIVATE_KEY`. Network communication is designed for local (`localhost`) access via HTTP/SSE, minimizing direct external exposure. The use of `cross-spawn` and `tsx` to execute scripts is noted, but the primary interactions are with trusted APIs. Real-money trading always carries inherent risks, but the system has implemented safeguards.
Updated: 2025-12-05GitHub
31
3
Low Cost
NasAndNora icon

obsidian-http-mcp

by NasAndNora

Sec8

Facilitates AI agents, such as Claude Code, to manage Obsidian notes by providing an HTTP-native Model Context Protocol (MCP) server, bypassing stdio transport bugs.

Setup Requirements

  • ⚠️Requires Obsidian with the 'Local REST API' plugin enabled, with 'Non encrypted (HTTP) API' enabled and 'Binding Host' set to '0.0.0.0' for Docker/WSL2 scenarios.
  • ⚠️For cross-platform usage (e.g., AI on WSL2, server on Windows), the server must be installed and run on the same system as Obsidian, and the AI client must connect to the server's specific IP address (e.g., Windows bridge IP) rather than localhost.
  • ⚠️For any production deployment or exposure beyond a trusted local network, a reverse proxy with authentication, rate limiting, and HTTPS/TLS is CRITICAL, as these security features are not built into the server itself.
Verified SafeView Analysis
The server implements path traversal prevention, ReDoS protection (query length limit), PORT validation, type safety, and a request size limit. Soft delete is enabled by default, moving files to a trash directory. Crucially, the documentation explicitly states the server is designed for trusted networks (localhost, LAN, VPN) and does NOT include built-in authentication, rate limiting, or HTTPS. It binds to `0.0.0.0` for cross-platform compatibility, which requires a reverse proxy with authentication, rate limiting, and TLS for production or internet exposure. The strong emphasis on user responsibility for external security measures is a positive, but the lack of built-in measures limits its standalone security score.
Updated: 2025-11-19GitHub
31
1
Low Cost
MagicTurtle-s icon

asana-mcp-railway

by MagicTurtle-s

Sec9

This server acts as a Model Context Protocol (MCP) server for Asana, enabling AI agents (like Claude Code/Desktop) to manage tasks and projects in Asana through a comprehensive set of 42 tools.

Setup Requirements

  • ⚠️Requires registration and configuration of an Asana OAuth App (Client ID, Client Secret, Redirect URI) in the Asana Developer Console.
  • ⚠️Critical environment variables (ASANA_CLIENT_ID, ASANA_CLIENT_SECRET, ASANA_REDIRECT_URI) must be set before running.
  • ⚠️For production deployments, integrating with a persistent storage solution like Redis is recommended for token management, as the default implementation uses in-memory storage (tokens are lost on server restart).
Verified SafeView Analysis
The project demonstrates strong security practices for OAuth 2.0, including PKCE for authorization code flow and loading all secrets from environment variables. It also implements robust session management with asyncio locks, state machines, and circuit breakers to prevent re-authentication loops and handle concurrent requests. CORS is set to `allow_origins=["*"]` in development, but the documentation explicitly advises restricting this for production deployments. In-memory token storage is used by default, with clear recommendations for Redis in production for persistence.
Updated: 2025-11-23GitHub
31
1
Medium Cost
sumitparakh icon

ai-collections

by sumitparakh

Sec9

Provides a comprehensive collection of resources and proof-of-concept implementations for building and understanding Model Context Protocol (MCP) servers, integrating LLMs with external tools and data.

Setup Requirements

  • ⚠️Requires API keys for various AI services (e.g., OpenAI, Anthropic, vector databases) which can incur significant costs depending on usage.
  • ⚠️Requires specific language runtimes (Python 3.8+, Node.js 16+, Rust 1.70+) and their respective package managers.
Verified SafeView Analysis
The project documentation strongly emphasizes critical security best practices, including never committing API keys (mentioned multiple times), API key management, input validation, output filtering, rate limiting, privacy considerations, and secure data handling. No malicious patterns or 'eval' calls are visible in the truncated source code provided, suggesting a strong focus on secure development. However, as it's a collection of POCs, the security of actual implementations would require individual audits.
Updated: 2025-11-22GitHub
31
1
Low Cost
samiribrh icon

tableau-mcp

by samiribrh

Sec8

A Model Context Protocol (MCP) server enabling Claude Desktop to interact with Tableau Server, allowing natural language operations like uploading datasets, checking data sources, and converting Excel files to Tableau Hyper format.

Setup Requirements

  • ⚠️Requires Claude Desktop App for full integration.
  • ⚠️Requires a local Ollama instance running with a supported model (e.g., 'llama3.1:8b') for AI capabilities.
  • ⚠️Requires Tableau Server with a configured Personal Access Token (PAT).
Verified SafeView Analysis
The server correctly uses environment variables (`.env`) for sensitive Tableau Personal Access Token (PAT) credentials, avoiding hardcoded secrets. It is designed for local desktop app integration, which inherently reduces network exposure risks. No 'eval' or obfuscation is present. File path handling for uploads, while attempting to resolve paths within a default directory, could theoretically allow access to other files within that directory if the LLM generates an unexpected path. However, the tool definition strongly hints the LLM to provide 'filename only', mitigating this risk for its intended use case.
Updated: 2025-11-26GitHub
31
1
Medium Cost
anand-kamble icon

mcp-instagram

by anand-kamble

Sec9

Provides an MCP (Model Context Protocol) server for integrating with Instagram, enabling AI clients to interact with Instagram functionalities like viewing profiles, posts, stories, and performing engagement actions.

Setup Requirements

  • ⚠️Requires Node.js 18+ or 20+ to be installed.
  • ⚠️Instagram account credentials (IG_USERNAME and IG_PASSWORD) must be provided via environment variables or explicitly in the MCP client configuration.
  • ⚠️If Two-Factor Authentication (2FA) is enabled on the Instagram account, the `instagram_complete_2fa` tool must be used after initial login to complete the authentication flow.
  • ⚠️Relies on an unofficial Instagram API, which carries inherent risks of account restrictions or API changes breaking functionality.
Verified SafeView Analysis
The server correctly loads Instagram credentials (username, password) from environment variables (IG_USERNAME, IG_PASSWORD), preventing hardcoded secrets. Session data for `instagram-private-api` is persisted locally in `data/session.json` within the project directory, which is standard for local session management but means the user is responsible for securing this file. There are no obvious signs of arbitrary code execution (e.g., `eval` or `child_process.exec` on user input) or network-exposed vulnerabilities beyond its stdio interface designed for local client communication. The use of an unofficial Instagram API is explicitly disclosed as a risk to account status, but this is inherent to the chosen underlying library, not a direct vulnerability in the server's implementation.
Updated: 2025-11-24GitHub
31
1
Low Cost
murigugitonga icon

mcp_server_ts

by murigugitonga

Sec8

A Node.js Model Context Protocol (MCP) server designed to expose defined tools, currently featuring a placeholder 'create-user' capability, for interaction with external models or clients.

Setup Requirements

  • ⚠️Requires Node.js runtime (typically >=18 as indicated by dependencies' engine requirements).
  • ⚠️Relies on TypeScript, requiring 'typescript' and 'ts-node' for direct execution ('npm run server:dev') or a prior build step ('npm run server:build').
  • ⚠️Users need familiarity with the Model Context Protocol (MCP) to develop clients or effectively interact with the server's tools.
Verified SafeView Analysis
The server leverages the @modelcontextprotocol/sdk and uses Zod for robust input schema validation, which is a strong security practice. There are no direct 'eval' calls or obvious obfuscation. The 'create-user' tool's implementation is currently an empty placeholder, preventing a deeper analysis of data persistence security. A notable point is the 'DANGEROUSLY_OMIT_AUTH=true' flag used in the 'server:inspect' script, which explicitly disables authentication for inspection purposes. While clearly labeled for development/debugging, this flag represents a potential operational risk if inadvertently enabled in a production environment. The use of 'dotenv' suggests awareness for managing secrets, although no 'process.env' usage is visible in the provided 'server.ts' snippet.
Updated: 2025-12-13GitHub
31
2
High Cost
ThibautMelen icon

claude-insane-guide

by ThibautMelen

Sec7

Orchestrates complex multi-dialog workflows using sequential chaining for adaptable linear processes. It is recommended for advanced Claude Code patterns, specifically for mastering the orchestration of intricate dialogues.

Setup Requirements

  • ⚠️Requires `npm` and network access to fetch the `@modelcontextprotocol/sequential-thinking` package via `npx`.
  • ⚠️As a Model Context Protocol (MCP) server, it will likely consume a significant portion of the context window (potentially 50k+ tokens at startup), impacting overall token efficiency and potentially increasing costs for prolonged usage, as per general MCP server characteristics discussed in the guide.
Verified SafeView Analysis
No specific security audit details are provided in the source for this particular MCP server. It is assumed to be safe as it's a recommended tool within the Claude Code ecosystem, likely from official or trusted partners. However, general best practices for vetting third-party dependencies should always be applied.
Updated: 2025-11-21GitHub
31
3
High Cost
anutechofficial icon

simple-agent

by anutechofficial

Sec8

This project implements a Micro-Plugin (MCP) server that exposes tools for an AI agent, allowing it to collect structured user data via conversation.

Setup Requirements

  • ⚠️Requires `GITHUB_TOKEN` (or `OPENAI_API_KEY`) environment variable for the agent to function.
  • ⚠️Requires `ts-node` to be installed (via npm) to run TypeScript files directly.
  • ⚠️The MCP server (`server/index.ts`) and the AI agent (`agent/main.ts`) must be run separately (e.g., in different terminals) for the full system to operate.
Verified SafeView Analysis
The server uses `cors()` without specific origin restrictions, which is acceptable for local development but poses a security risk if exposed publicly. Tool inputs from the agent are used directly but within defined logical paths without apparent code injection vulnerabilities. Sensitive API keys like `GITHUB_TOKEN` are loaded securely via environment variables.
Updated: 2025-11-20GitHub
31
1
High Cost
reasonkit icon

reasonkit-web

by reasonkit

Sec8

A high-performance Model Context Protocol (MCP) server for browser automation, web capture, and content extraction, enabling AI agents to interact with web browsers.

Setup Requirements

  • ⚠️Requires installation of Chrome/Chromium for headless browser automation.
  • ⚠️Requires `wasm-pack` for WebAssembly-related tests/builds (not strictly for server runtime).
  • ⚠️Relies heavily on environment variables for sensitive (tokens) and operational configuration; missing variables can lead to errors or insecure defaults.
  • ⚠️The primary HTTP server (defined in `src/main.rs`) is noted as a 'placeholder' and may not be fully functional, while the stdio-based MCP server (`src/bin/mcp_server.rs`) is complete.
Verified SafeView Analysis
The server demonstrates strong security awareness through its use of environment variables for all secrets, constant-time comparison for authentication tokens (though the token hashing itself uses a non-cryptographic hasher, which is a minor defense-in-depth point), strict localhost-only CORS by default, and a robust rate-limiting system. It also includes explicit warnings about binding to all interfaces and logging sensitive payloads. The primary security risk is the 'web_execute_js' tool, which allows arbitrary JavaScript execution within the browser. While this is an intended powerful feature for AI agents, it mandates that the MCP server must be exposed only to trusted clients/environments. Default configurations (localhost binding, authentication required for tools) mitigate this for typical deployments.
Updated: 2026-01-19GitHub
31
1
High Cost
victor20252025 icon

opencode-config

by victor20252025

Sec2

Orchestrates a multi-agent system to decompose, execute, and review complex software development tasks in parallel using Git worktrees.

Setup Requirements

  • ⚠️Requires Bun runtime for execution.
  • ⚠️Requires Git CLI installed and available in PATH.
  • ⚠️The `repo-explorer` tool requires external CLI tools: `tree`, `ripgrep` (rg), `ast-grep` (sg), and `fd-find` (fd) to be installed.
  • ⚠️This is an OpenCode AI plugin, requiring the OpenCode AI platform or application to host and run it.
Review RequiredView Analysis
The `repo_search` and `repo_ast` tools in `tool/repo-explorer.ts` are highly vulnerable to command injection. User-provided `pattern` and `fileGlob` arguments are directly interpolated into shell commands executed via `sh -c` without apparent sanitization or escaping. An attacker could inject arbitrary shell commands by crafting malicious input for these parameters. For example, a `pattern` containing a single quote followed by `; rm -rf /;` would execute `rm -rf /`. This is a critical security flaw.
Updated: 2026-01-19GitHub
31
1
Medium Cost
avinashsingh icon

mcp-sdlc-tracker

by avinashsingh

Sec8

Provides a Model Context Protocol (MCP) server for SQLite-based task and project tracking with full SDLC entity, wiki, and comments management.

Setup Requirements

  • ⚠️Requires Node.js installed locally to run `tsx`.
  • ⚠️Requires explicit initialization via the `initialize` MCP tool or `/api/initialize` endpoint, providing the current project directory path, before other tools can be used.
  • ⚠️Requires file system write permissions in the specified project directory to create the SQLite database file (`.project_tracker.donottouch`) and update `.gitignore`.
  • ⚠️The `get_knowledge_graph` tool depends on the `find` command, which is standard on Unix-like systems but might require specific setup on Windows.
Verified SafeView Analysis
SQL injection risks are largely mitigated by `better-sqlite3`'s consistent use of parameterized queries throughout the server. The `tools/write-full-file.ts` tool allows writing to arbitrary file paths within the initialized project directory, posing a moderate risk for an AI agent capable of arbitrary file write operations, though backups are created. The `tools/kg.ts` utilizes `child_process.execSync` but with hardcoded and well-defined `find` commands, limiting direct RCE from user input originating from client requests.
Updated: 2025-12-09GitHub
PreviousPage 186 of 713Next